Detections
Analytics
PHP < 5.3.11 Multiple Vulnerabilities
medium Nessus Plugin ID 58966
Language:
Synopsis
The remote web server uses a version of PHP that is affected by multiple vulnerabilities.Description
According to its banner, the version of PHP installed on the remote host is earlier than 5.3.11, and as such is potentially affected by multiple vulnerabilities :- During the import of environment variables, temporary changes to the 'magic_quotes_gpc' directive are not handled properly. This can lower the difficulty for SQL injection attacks. (CVE-2012-0831)
- The '$_FILES' variable can be corrupted because the names of uploaded files are not properly validated.
(CVE-2012-1172)
- The 'open_basedir' directive is not properly handled by the functions 'readline_write_history' and 'readline_read_history'.
- The 'header()' function does not detect multi-line headers with a CR. (Bug #60227 / CVE-2011-1398)
Solution
Upgrade to PHP version 5.3.11 or later.See Also
http://www.nessus.org/u?e81d4026
https://bugs.php.net/bug.php?id=61043
https://bugs.php.net/bug.php?id=54374
https://bugs.php.net/bug.php?id=60227
https://marc.info/?l=oss-security&m=134626481806571&w=2
Plugin Details
Severity: Medium
ID: 58966
File Name: php_5_3_11.nasl
Version: 1.18
Type: remote
Family: CGI abuses
Published: 5/2/2012
Updated: 5/28/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2012-0831
Vulnerability Information
CPE: cpe:/a:php:php
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Patch Publication Date: 4/26/2012
Vulnerability Publication Date: 2/9/2012